GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.

Local AI > browser tabs. Not even close.

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...

OpenClaw's Node for VS Code extension proved it can support a real local file-based workflow, but on Windows the experience still feels more like early infrastructure than finished tooling.

This is GlassWorm: a software supply chain attack that security researchers are calling one of the most sophisticated and ...

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...

Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick developers into downloading malware via cloud-hosted links Thousands of ...

Hackers target GitHub developers with fake VS Code alerts and CVEs, using malicious links to steal data and deliver malware.

IBM announced it is offering the IBM Db2 Developer Extension for Visual Studio (VS) Code—now generally available. Developers live in VS Code, but Db2 development often means switching tools to set up ...

Pixel Agents integrates animated pixel art characters into Visual Studio Code (VS Code) to create a virtual workspace for managing AI-driven workflows. Demonstrated by Nate Herk , this extension ...

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...